<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2018/5/12 0012
 * Time: 16:43
 */
include '../model/db.php';
session_start();
// var_dump($_POST);exit;
if($_POST['user']||$_POST['pass']||$_POST['yzm']){
    //1.合法判断

    //2.判断用户名密码是否正确
    if(!empty($_POST['user'])&&empty($_POST['pass'])) {
        $sql = "select * from bl_member where user='{$_POST['user']}'";
        $arr = db_sel($sql);

        if (empty($arr)) {
            echo '账号不存在';
        }else{
            echo '账号正确';
            //    4.保存用户数据到session
            $_SESSION['home']['id'] = $arr['id'];
            $_SESSION['home']['user'] = $arr['user'];
            $_SESSION['home']['nickname'] = $arr['nickname'];
            $_SESSION['home']['pass'] = $arr['pass'];
        }
        //判断用户名是否被禁用
        if ($arr['stat'] == '2') {
            echo '用户名禁用，联系管理员';
        }
    }

    //判断密码
    if(!empty($_POST['pass'])&& empty($_POST['user'])) {

        if ($_SESSION['home']['pass'] != md5($_POST['pass'])) {
            echo '密码不正确';
        }else{
            echo '密码正确';
        }
    }

//用户提交的验证码和生成验证码是否相同
    if(!empty($_POST['yzm'])) {

        if ($_POST['yzm'] != $_SESSION['dl_yzm']) {
            echo '验证码错误!';
        }else{
            echo '验证码正确!';
        }


    }

}
if($_POST['user']&&$_POST['pass']&&$_POST['yzm']){

    if($_POST['user']==$_SESSION['home']['user']&&md5($_POST['pass'])==$_SESSION['home']['pass']&&$_POST['yzm']==$_SESSION['dl_yzm']){
        //3.判断是否选择了下一次自动登录
//        if($_POST['rad']=='1'){
//            //保存用户数据到cookie，下一次自动登录（自动生成session）
//            setcookie('home_user',$_SESSION['home']['user'],time()+3*24*3600,'/');
//        }
        //登录成功
        exit("<script>alert('登录成功！');location.href='./index.php'</script>");
    }
}
